mike-jumper commented on a change in pull request #392: GUACAMOLE-774: Add in
MD4 support for MSCHAPv1/2
URL: https://github.com/apache/guacamole-client/pull/392#discussion_r273617621
##########
File path:
extensions/guacamole-auth-radius/src/main/java/org/apache/guacamole/auth/radius/RadiusConnectionService.java
##########
@@ -129,6 +133,18 @@ private RadiusAuthenticator
setupRadiusAuthenticator(RadiusClient radiusClient)
if (radAuth == null)
throw new GuacamoleException("Could not get a valid
RadiusAuthenticator for specified protocol: " +
confService.getRadiusAuthProtocol());
+ // For MSCHAPv1/2, we need MD4 support
+ if (radAuth instanceof MSCHAPv1Authenticator
+ || radAuth instanceof MSCHAPv2Authenticator) {
+
+ Security.addProvider(new Provider("MD4", 0.00, "MD4 for MSCHAPv1/2
RADIUS") {
Review comment:
`setupRadiusAuthenticator()` is invoked from within `authenticate()`, so
this will result in `Security.addProvider(...)` being invoked each time someone
authenticates. It's unclear to me within the documentation for `addProvider()`
whether this will result in multiple copies of the MD4 implementation being
added.
Perhaps this should be moved to a location where it occurs only once?
Is it known that no other auth protocols use MD4?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
